Flight Ticket Fraud Alert

Fraudsters are attempting to entice victims who are looking for cheap flights abroad.

Victims have reported booking tickets via websites or a “popular” ticket broker, only to discover that after payment via bank transfer or electronic wire transfer, the tickets/booking references received are counterfeit. In some cases, all communications between the company or broker and the victim have been severed.

Fraudsters are targeting individuals who are seeking to travel to African nations and the Middle East, particularly those wishing to travel in time for popular public and religious holidays.

Prevention Advice:

  • Pay safe: Be cautious if you’re asked to pay directly into a private individual’s bank account. Paying by direct bank transfer is like paying by cash – the money is very difficult to trace and is not refundable. Wherever possible, pay by credit card or a debit card.
  • Conduct research on any company you’re considering purchasing tickets from; for example, are there any negative reviews or forum posts by previous customers online? Don’t just rely on one review – do a thorough online search to check the company’s credentials.
  • Check any company website thoroughly; does it look professional? Are there any spelling mistakes or irregularities? There should be a valid landline phone number and a full postal address so that the company can be contacted. Avoid using the site if there is only a PO Box address and mobile phone number, as it could be difficult to get in touch after you buy tickets. PO Box addresses and mobile phone numbers are easy to change and difficult to trace.
  • Be aware that purchasing tickets from a third party, particularly when initial contact has been made via a social media platform can be incredibly risky.
  • If tickets to your intended destination appear cheaper than any other vendor, always consider this; if it looks too good to be true, it probably is!
  • Look for the logo: Check whether the company is a member of a recognised trade body such as ABTA or ATOL. You can verify membership of ABTA online, atwww.abta.com.
  • If you have been affected by this, or any other type of fraud, report it to Action Fraud by calling 0300 123 2040, or visiting www.actionfraud.police.uk.

Cost of car insurance fraud to victims revealed in new police campaign

  •  City of London Police’s Insurance Fraud Enforcement Department launches campaign to raise awareness of fraudsters selling fake car insurance and warn motorists to ‘Steer Clear of Fraud’
  • Over 850 reports of ghost broking have been reported to Action Fraud in last three years, with reported losses from individuals and organisations totalling £631,000
  • Individual victims of ghost brokers lose on average £769
  • Ghost brokers typically target men in their 20s, using social media

The City of London Police’s Insurance Fraud Enforcement Department (IFED) has launched a national awareness campaign today (Monday 5 February 2018) to warn motorists about the dangers of buying fake car insurance from fraudsters, also known as ‘ghost brokers’, who are potentially leaving thousands of unsuspecting victims driving without insurance.

Extent of the problem

From November 2014 to October 2017, Action Fraud received more than 850 reports linked to ghost broking, with reported losses for both individuals and organisations totalling £631,000. On average, each individual victim lost £769 from this type of fraud

Of these reports, 417 resulted in action being taken against the offenders by IFED following their investigations into ghost broking over the past three years, which included a man who set up 133 fake policiesa teenage ghost broker who was sentenced to jail and a man who made £59,000 from ghost broking.

However, it is thought that the true number of ghost broking victims may be much higher than this figure, as some motorists may be driving on the roads right now unaware that their policy is fraudulent. It is only when they are stopped by police or attempt to make a claim will they find out that they don’t have genuine cover.

This leads police to believe that ghost broking is actually being under reported each year due to the way ghost brokers deceive motorists into thinking they have legitimate insurance, when in fact it’s worthless.

What is ghost broking?

Ghost broking is the name given to a tactic used by fraudsters who sell fraudulent car insurance by a number of different methods. They typically carry out the fraud by one of three ways: they will either forge insurance documents, falsify the driver’s details to bring the price down or take out a genuine policy, before cancelling it soon after and claiming the refund plus the victim’s money.

It is a legal obligation to have valid car insurance and without it victims will experience the severe harm caused by ghost broking, including:

  • Points on their driving licence
  • Vehicle seizure and possible destruction of it
  • A fixed penalty notice
  • Costs to retrieve impounded vehicle
  • Liable for claims costs if involved in an accident

This is on top of the money motorists will have lost buying the invalid car insurance and the money they will have to spend to then buy a legitimate insurance policy.

IFED analysis into the ghost broking reports reveals that men aged 20-29 are most likely to get targeted and that the most common method ghost brokers will use to make initial contact with people is through social media, particularly Facebook and Instagram. Other contact methods include adverts in newspapers and magazines, cold calls and being introduced, either directly or by friends, family members or work colleagues.

Stay safe when buying car insurance

In light of these worrying figures, IFED is encouraging drivers to be wary of heavily discounted prices on the internet or cheap prices they’re offered directly for car insurance, as they may well be ghost brokers.

IFED is issuing the following advice and tips to help drivers avoid falling victim to ghost brokers:

• Trust your instincts – if an offer looks too good to be true, then it probably is.
• Ghost brokers often advertise on student websites or money-saving forums, university notice boards and marketplace websites. They may also try to sell insurance policies in pubs, clubs or bars, newsagents and car repair shops.
• Be wary of ghost brokers using only mobile phone or email as a way of contact. Ghost brokers have even been reported using messaging apps, including WhatsApp, Snapchat and Facebook. Fraudsters don’t want to be traced after they’ve taken your money.
• If you are not sure about the broker, check on the Financial Conduct Authority or the British Insurance Brokers’ Association website for a full list of all authorised insurance brokers.
• You can also contact the insurance company directly to verify the broker’s details.
• You can check to see if your car is legitimately insured on the Motor Insurance Database website.

Detective Chief Inspector Andy Fyfe, Head of the City of London Police’s Insurance Fraud Enforcement Department, said:

“Ghost brokers trick unsuspecting victims with offers of heavily discounted car insurance, leaving them with a policy that isn’t worth the paper it’s written on and open to the severe harm that comes with driving without valid insurance. Being able to drive is vital for a lot people, whether it be to get to work or pick up their children from school or nursery, so if they fall victim to a ghost broker it could not only impact on them financially but also seriously affect their day to day life and make things very difficult.

“As well as the personal harm experienced by victims, ghost brokers also cause financial harm to the insurance industry, driving up the cost of insurance premiums for all motorists.

“While an offer of cheap car insurance may seem tempting, falling victim to ghost broking will end up costing you far more in the long run – both in terms of money and your licence.”

Phantom Debt Fraud Alert – January 2018

Phantom Debt Fraud 
Action Fraud has recently experienced an increase in the number of calls to members of the public by fraudsters requesting payments for a “phantom” debt. The fraud involves being cold-called by someone purporting to be a debt collector, bailiff or other type of enforcement agent. The fraudster may claim to be working under instruction of a court, business or other body and suggest they are recovering funds for a non-existent debt.

The fraudsters are requesting payment, sometimes by bank transfer and if refused, they threaten to visit homes or workplaces in order to recover the supposed debt that is owed. In some cases, the victim is also threatened with arrest. From the reports Action Fraud has received, this type of fraud is presently occurring throughout the UK.

It is important to recognise that there are key differences between the various entities who seek to settle debts or outstanding fees in England and Wales. These differences range from the type of debt they will enforce to the legal powers they possess. To learn more, please take a look at some of the helpful information and links on the Step Change Debt Charity website; https://www.stepchange.org/debt-info/debt-collection/bailiffs-and-debt-collectors-differences.aspx 

Protect Yourself
  • Make vigorous checks if you ever get a cold call. Bailiffs for example, should always be able to provide you with a case number and warrant number, along with their name and the court they are calling from; make a note of all details provided to you.
  • If you receive a visit from a bailiff, they must always identify themselves as a Court Bailiff at the earliest possible opportunity. Ask to see their identity card which they must carry to prove who they are, this card shows their photograph and identity number. They will also carry the physical warrant showing the debt and endorsed with a court seal.
  • If you work for a business and receive a call or visit, be sure to speak with your manager or business owner first. Never pay the debts yourself on behalf of the business you work for; some fraudsters have suggested employees make payment suggesting they can then be reimbursed by their employer when in reality the debt is non-existent.
  • Exercise caution believing someone is genuine because you’ve found something on the internet; fraudsters could easily create fake online profiles to make you believe them.
  • Double check with the court, company or public body they claim to work for to confirm whether the call is legitimate; if you use a landline make sure you hear the dialling tone prior to dialling as the caller could still be on the line and you could potentially speak to the fraudster(s) to confirm the non-existent debt. Also be sure to independently search for a telephone number to call; never use a number provided by the caller without carrying out your own research.
  • Do not feel rushed or intimidated to make a decision based on a phone call. Take five and listen to your instincts.
  • If you know you have a debt, keep in regular contact with your creditor and be sure to establish the debt type at the earliest opportunity if you are not aware. This will help you to understand who might be in contact with you regarding any repayments or arrears.
You can report suspicious calls like these to Action Fraud by visitingwww.actionfaud.police.uk or by calling 0300 123 2040.

Email Frauds – Information Request

TV production company Rumpus Media and are currently looking into various email scams. And are looking to collect as many examples of scam emails as possible to get an overview of how this particular area works.

Please see poster for contact details.

 

Businesses Report All-time High Levels of Fraud, Cyber and Security Incidents in 2017

Fraud, cyber, and security risks are at an all-time high, according to senior corporate executives surveyed worldwide for the 2017/18 Kroll Annual Global Fraud & Risk Report.

The proportion of executives reporting that their companies fell victim to at least one instance of fraud over the past 12 months increased to 84%, from 82% in the previous survey. Levels of reported fraud have steadily risen every year since 2012, when the reported occurrence was just 61%.

An even greater percentage of executives surveyed (86%) said their companies had experienced a cyber incident or information theft, loss, or attack over the past 12 months, slightly up from 85% in 2016. Seven in 10 respondents (70%) reported the occurrence of at least one security incident during the past year, compared to 68% in the previous survey.

The report reveals that respondents are experiencing a heightened sense of vulnerability to fraud, cyber, and security risks, with information-related risks now being the area of greatest concern. As criminals and other threat actors continue to find new ways to monetize confidential data, including personal data, data assets are becoming increasingly valuable and attractive targets.

For the first time in the report’s 10-year history, information theft, loss, or attack was the most prevalent type of fraud experienced, cited by 29% of respondents, up 5 percentage points from the previous year. This edged out theft of physical assets or stock, long the most common type of organizational loss, which this year was the second most frequently cited incident (27%).

Cyber attacks represent one of the most persistent threats to confidential information. The reported level of occurrence for every type of cyber incident included in the survey increased in the last 12 months.

Nearly four in 10 (36%) executives surveyed said their companies had been impacted by a virus or worm attack, an increase of 3 percentage points year-over-year. One in three (33%) said they had suffered an email-based phishing attack (up 7 percentage points from the last report), 27% had suffered a data breach, and 25% were affected by data deletion. Beyond digital threats, information was highly susceptible to loss through other means: 29% of executives surveyed said equipment with sensitive data was stolen, while 27% said equipment was “lost.”

Physical theft or loss of intellectual property (IP) was by far the most prevalent type of security incident. Of those executives whose company experienced a security incident this past year, 41% said their organizations fell victim to IP theft or loss.

Top three types of incidents reported by survey respondents (by category)
FraudCyberSecurity
1.Information theft, loss, or attack (29%)Virus/worm attack (36%)Physical theft or loss of intellectual property (41%)
2.Theft of physical assets or stock (27%)Email-based phishing attack (33%)Environmental risk (including damage caused by natural disasters such as hurricanes, tornadoes, floods, earthquakes, etc.) (28%)
3.Management conflict of interest (26%)Data breach resulting in loss of customer or employee data, IP/trade secrets/R&D (27%)Workplace violence (23%)

 

Jason Smolanoff, Senior Managing Director and Global Cyber Security Practice Leader for Kroll, said: “In a digitized world with growing levels of data creation, collection, and reliance for businesses, information assets have become increasingly valuable and exposed to threats. Exacerbating the challenge of safeguarding data is that criminals and other threat actors are continually developing new ways to monetize confidential information, including personal data. People instinctively think about data being targeted by cyber attacks, but not all threats to information are confined to the digital realm. There is a convergence between physical and digital threats, with issues arising from equipment with sensitive data being stolen or lost, for example, or employees with access to highly sensitive information accidentally or intentionally causing a breach.”

In addition to reporting extremely high incidence levels, respondents indicated that the repercussions of fraud, cyber, and security events were costly and wide-ranging, affecting employees, customers, as well as the organization’s reputation and bottom line.

Employee privacy, safety, or morale was negatively affected by incidents according to 82% of respondents whose companies had experienced fraud, 81% of those that reported a cyber incident, and 80% of executives whose companies endured a security event.

Approximately three quarters of respondents stated that customers had been negatively impacted by all three risk factors – 76% by a fraud incident, 74% by a cyber incident, and 74% by a security incident. Almost two-thirds said that the impacted company’s reputation had suffered due to a fraud (65%), cyber (67%), or security (66%) incident.

Businesses suffered significant economic damage from fraud, with nearly one in four respondents (23%) reporting losses of 7% or more of company revenues, an extremely worrisome increase from the prior year when only 3% of respondents reported this magnitude of financial impact.

The report further reveals mounting concerns among surveyed executives about their companies’ potential exposure to fraud, cyber, and security risks.

In particular, information-related risks overwhelmingly represent the top worries for respondents across every risk category – fraud, cyber, and security.  Almost six in 10 (57%) respondents believe their companies are highly or somewhat vulnerable to information theft, loss, or attack, up 6 percentage points from the previous survey.

With reported cyber incidents at an all-time high and perpetrators seeming to develop new methods of attack virtually every day, at least half of all executives surveyed are apprehensive about every type of cyber incident identified in the survey – with almost two-thirds (62%) especially wary of a virus or worm attack.

The proportion of respondents who said they feel highly or somewhat vulnerable to physical security threats also grew over the last year. According to the report, 63% of respondents stated their companies could be particularly prone to physical theft or loss of IP, the greatest single concern.

Insiders and ex-employees continue to pose the greatest threat to companies around the world. Respondents revealed that fraud, cyber, and security incidents are often inside jobs perpetrated by members of management or current, former, or temporary/freelance employees.

Of those reporting a fraud incident, 81% cited one or more insiders as perpetrators; likewise, 58% of respondents who reported a cyber incident and 71% of those who experienced a security incident primarily identified insiders as the perpetrators.

Junior employees were the most commonly named perpetrators of fraud incidents (39%) and former employees were cited most frequently for security incidents (37%). However, for respondents who had experienced a cyber incident in the last 12 months, a random cyber-criminal or threat actor was the single most commonly named perpetrator (34%).

Nearly all anti-fraud measures mentioned in the survey were widely adopted by more than 70% of respondents, with information controls the most widely implemented anti-fraud measure at 78%.

Reflecting the high levels of vulnerability reported by respondents to cyber intrusions, the top three cyber risk mitigation measures that executives expect their companies to implement in the next 12 months all address the problem of intrusions: i.e., intrusion detection systems that are device-based (57%), endpoint threat monitoring tools (55%), and intrusion detection systems that are network-based (54%).

Cybersecurity is also rapidly becoming a board governance mandate as the anticipated likelihood of an incident grows, compounded by increasing regulatory pressures and the costly reputational risks associated with data privacy and data loss events. The report said that 46% of respondents currently involve the board of directors in the formulation of cybersecurity policies and procedures, but another 40% plan to do so in the next 12 months.

Did you enjoy this article? Click here to subscribe to Security Magazine.

Finance industry, police and trading standards unite to tackle fraud

  • Ground-breaking rapid response scheme – the Banking Protocol – means branch staff can alert police and Trading Standards to suspected frauds taking place
  • Scheme rolling out nationwide with more than £9 million of potential fraud stopped in first year
  • The Banking Protocol has led to 101 arrests in 12 months since launch

A ground-breaking fraud prevention scheme aimed at identifying and protecting potential fraud victims when they visit a bank or building society branch has stopped more than £9 million being passed to criminals in its first year of operation, figures from UK Finance show.

The Banking Protocol, developed as a partnership between the finance industry, police and Trading Standards, enables bank staff to contact police if they suspect a customer is in the process of being scammed, with an immediate priority response to the branch. So far, the scheme has led to 101 arrests being made nationally.

The Banking Protocol was first launched last October with a pilot in London, before a national rollout began in May. The scheme is now in place in 43 police forces across the country, with all remaining forces across the UK committed to introducing it.

In the 12 months since the pilot launch until the end of October 2017, the Banking Protocol has prevented £9.1 million of fraud, with individual customers protected from losing sums ranging from £99 up to £212,000. Police have responded to a total of 1,262 Banking Protocol calls.

Katy Worobec, Managing Director of Economic Crime at UK Finance, said:

“Fraud can have a devastating effect on some of the most susceptible people in society and it’s by working together with law enforcement, and others, that we can make a real difference when it matters most. The Banking Protocol is a great example of this collaboration in action protecting people from becoming victims. The finance industry is determined to crack down on fraud and is taking action on all fronts – the Protocol is an important weapon in our armoury.”

Lord Toby Harris, Chair, National Trading Standards said:

“The National Trading Standards Scams Team has been integral to the implementation of the Banking Protocol and I am pleased to see that it is already having a real impact. This example of partnership working is key to tackling criminal activity in a world where criminals are constantly innovating and finding new ways to convince consumers of their legitimacy.

“National Trading Standards is committed to tackling criminal activity and protecting consumers from fraud but we all have a role to play. If you suspect you or someone you know is being defrauded then please contact the Citizens Advice Consumer Helpline on 03454 04 05 06.”

Commander David Clark, City of London Police, said:

“The Banking Protocol illustrates another step forward in protecting citizens across the UK, where partnerships between Policing and private sector are key to design out opportunities for unscrupulous fraudsters. I applaud the initial success of the scheme and support it going forwards.”

UK Finance has led the development and implementation of the Banking Protocol with support from the National Trading Standards Scam team and the Joint Fraud Taskforce. As well as stopping frauds taking place, the scheme ensures a consistent response to potential victims and gives them extra support to prevent them becoming a victim in the future. The Post Office is also part of the Protocol.

Alert: We’re aware of fake websites selling tickets for the Anthony Joshua and Joseph Parker boxing match before their official release date

Action Fraud is warning the public not to purchase tickets for the Anthony Joshua and Joseph Parker Heavyweight World title boxing match on websites that are offering them before their official release date. 

Tickets for the blockbuster Heavyweight World title boxing match between Anthony Joshua MBE and Joseph Parker go on pre-sale to Matchroom Fight Pass members at midday on Monday 22nd January and general sale on Tuesday 23rd January ahead of the event live on Sky Sports Box Office on the 31st March.

Tickets for the event are priced at £40, £60, £80, £100, £150, £200, £300 and £600 – with VIP tickets priced at £2000.

As these tickets do not go on sale until Monday, it is physically impossible for these tickets to exist. Any website that is offering tickets for sale before Monday 22nd January is likely to be fraudulent.

On one of the scam websites we’ve been monitoring you can actually add more VIP ringside seats to the basket and proceed to the payment page than there are seats at ringside.

Tickets go on sale for the fight by the official ticketing partner Stub Hub. Their website tells you everything you need to know about the fight taking place at Cardiff’s Principality Stadium.

Last year we launched a campaign which showed that more than 21,000 people reported falling victim to ticket fraud in the previous 3 years with a total loss of £17 million.

Follow our advice on how to buy tickets safely online to avoid fraud.

Report fraud and cyber crime and receive a police crime reference number.

UK victims defrauded by fraudsters via Western Union transfers may be eligible for refund

Action Fraud is contacting around 22,000 UK victims who have made a report of fraud in which they stated that the method of transfer for payments involved a money transfer via Western Union. 

Who can apply for a refund?

Action Fraud and the National Fraud Intelligence Bureau (NFIB) were made aware of a US court ruling in respect of Western Union which may affect some victims in the UK that have previously reported to Action Fraud.

Action Fraud has confirmed that anybody in the UK who was a victim of fraud which involved making a wire transfer payment via Western Union between 1 January 2004 and 19 January 2017 may be eligible to recover some of the funds paid.

How to apply for a refund?

You can either apply online or by post until 12 February 2018.

For the latest information about the remission process:

If you want to find more detail, the United States Department of Justice (DOJ) has a detailed list of frequently asked questions.

Please do not contact Action Fraud, the NFIB or City of London Police as we cannot pursue a claim on your behalf. 

How to protect yourself?

We believe that fraudsters may use this court settlement to commit fraud recovery fraud on victims who are not aware of all the facts.

Fraudsters are clever, so stay one step ahead by knowing what to look out for:

  • Filing a claim is free, so don’t pay anyone to file a claim on your behalf. No one associated with the claims process will call to ask for your bank account or credit card number.
  • Watch out for copy-cat websites. Make sure you only apply through the official website and do not apply for a refund elsewhere.
  • You don’t have to pay to get your money back or use a claims firm.
  • Action Fraud cannot claim money on your behalf.

Report fraud and cyber crime and receive a police crime reference number.

Fake Government Grants Fraud Alert – 13/12/2017

Individuals and businesses are being warned to watch out for cold calls and online contact from fraudsters who are offering victims the opportunity to apply for Government grants for an advance fee.

To make the grants look legitimate fraudsters have set up bogus companies and convincing looking websites that claim to be operating on behalf of the UK Government.

Fraudsters cold call businesses and individuals offering the grant and if they’re interested direct them to fill out an online application form with their personal information.

Once the fraudsters have that information they’ll contact back victims and congratulate them on being accepted onto the grant programme.   

Pre-paid credit cards

Applicants are then asked to provide identification and are instructed to get a pre-paid credit card to deposit their own contribution to the fake Government grant scheme. Fraudsters will then contact victims on the phone or are emailed and asked for the details of their pre-paid credit card and copies of statements to in order for them to add the grant funds.

Of course the grant funds are never given by the fraudsters and the money that’s been loaded by the victim onto the card is stolen.

If you receive one of these calls, hang up immediately and report it to us. We’ve already taken down one website fraudsters have been using to commit this fraud and are working with Companies House to combat this issue.

How to protect yourself:

Be wary of unsolicited callers implying that you can apply for grants. You should never have to pay to receive a government grant, and they definitely won’t instruct you to obtain a pre-paid credit card. The government should have all the information they need if a genuine grant application was submitted, therefore any requests for personal or banking information either over the phone or online should be refused.

What to do if you’re a victim: 

  • If you think your bank or personal details have been compromised or if you believe you have been defrauded contact your bank immediately.
  • Stop all communication with the ‘agency’ but make a note of their details and report it to Action Fraud.
  • If you have been affected by this, or any other type of fraud, report it to Action Fraud by visiting www.actionfraud.police.uk or by calling 0300 123 2040. 

The information contained within this alert is based on information from gathered by the National Fraud Intelligence Bureau (NFIB).  The purpose of this alert is to increase awareness of this type of fraud. The alert is aimed at members of the public, local police forces, businesses and governmental agencies.

Shopping Online Safely – 24/11/2017

How To Shop Online Safely

Check the web address

Always check you’re on the correct website. Criminals can set up fake websites that have a similar design and web address to the genuine site.

Is it a secure connection?

Web pages you enter personal or financial details into should display a locked padlock sign and have a web address that starts with https. This means your connection to the website is secure.

Phishing

Don’t click on links or attachments within unsolicited emails. The number of online shopping related phishing emails increases significantly during the holiday period.

 Bank transfers
65% of Action Fraud reports during the 2016 Christmas period were linked to online auction sites. Don’t pay for goods or services by bank transfer unless you know and trust the person. Payments via bank transfer offer you no protection if you become a victim of fraud.